Transcript Slide 1
Modern Auditing: Assurance Services and the Integrity of Financial Reporting, 8th Edition William C. Boynton California Polytechnic State University at San Luis Obispo Raymond N. Johnson Portland State University Chapter 10 – Understanding Internal Control Chapter 10 Overview Fundamental Concepts of Internal Controls • Process integrated with an entity’s infrastructure • People implement internal control • Can only provide reasonable assurance • Achieve objectives in financial reporting, compliance, and operations Components of Internal Control • Control Environment • Risk Assessment • Control Activities • Information and Communication • Monitoring Entity Objectives with Internal Control • Reliability of financial information • Compliance with applicable laws and regulations • Effectiveness and efficiency of operations Limitations of Internal Control • Mistakes in Judgment • Breakdowns • Collusion • Management Override • Cost versus Benefits Roles and Responsibilities • Management • Board of Directors and Audit Committee • Internal Auditors Roles and Responsibilities (cont.) • Other Entity Personnel • Independent Auditors • Other External Parties Study Break 1. _____ is a process that assesses the quality of internal control performance over time. A. Control activities B. Risk assessment C. Information and communication D. Monitoring D. Monitoring Study Break 2. This limitation of an entity’s internal controls occurs when two or more individuals act together to perpetrate and conceal fraud. A. Breakdowns B. Collusion C. Management override D. Mistakes in judgment B. Collusion Components of Internal Control Control Environment • Integrity and Ethical Values • Commitment to Competence • Board of Directors and Audit Committee • Management’s Philosophy and Operating Style Control Environment (cont.) • Organizational Structure • Assignment of Authority and Responsibility • Human Resource Policies and Practices Risk Assessment Process Information and Communication • Information – – – – Transactions Audit Trail or Transaction Trail Documents Records • Communication Control Activities • Authorization Controls • Segregation of Duties – Transaction authorization – Custody of assets – Recorded accountability in accounting records Segregation of Duties Control Activities (cont.) • Information Processing Controls – General Controls – Computer Application Controls – Controls over the Financial Reporting Process General Controls • Organization and Operation Controls • Systems Development and Documentation Controls • Hardware and Systems Software Controls • Access Controls • Data and Procedural Controls Computer Application Controls • Input Controls • Processing Controls • Output Controls Controls over the Financial Reporting Process Control Activities (cont.) • Physical Controls • Performance Reviews • Controls over Management Discretion in Financial Reporting Control Activities (cont.) • Monitoring – Ongoing monitoring programs – Separate evaluations – Element of reporting deficiencies to the audit committee Antifraud Programs and Controls Study Break 3. Which of the following does not influence the control environment? A. Management’s Philosophy B. Adequate Training C. Hiring Processes D. All of the above influence the control environment D. All of the above influence the control environment Study Break 4. This component of control activities ensures that every transaction is authorized by management acting within the scope of their authority. A. Authorization Controls B. Segregation of Duties C. Information Processing Controls D. All of the above A. Authorization Controls Study Break 5. This computer application control is designed to ensure that the processing results are correct and only authorized personnel receive the information. A. Input Controls B. Processing Controls C. Output Controls D. Data Controls C. Output Controls Understanding Internal Control Must perform procedures to: • Understand design of policies and procedures • Determine whether the policies and procedures are operating Understanding Internal Control Auditor uses the understanding to: • Identify types of potential misstatements • Understand factors affecting risk of material misstatement • Design further audit procedures Effects of Preliminary Audit Strategies • Control Environment • Risk Assessment • Information and Communication • Control Activities • Monitoring Procedures to Obtain an Understanding • Review previous experience with the client • Inquire management, supervisory, and staff personnel • Inspect documents and records • Observe activities and operations • Trace transactions through system Documenting the Understanding • Questionnaires • Flowcharts • Decision Tables • Narrative Memoranda Questionnaire Decision Table Narrative Memoranda Study Break 6. All of the following are procedures used to obtain an understanding of internal controls except: A. Inspecting documents B. Inquiries of client’s customers C. Inquiries of management D. All of the above procedures are used B. Inquiries of client’s customers Study Break 7. This form of documentation is a diagram that uses symbols to identify the steps involved in processing information through the accounting system. A. Questionnaire B. Flowchart C. Decision Table D. Narrative Memoranda B. Flowchart